TLS specifications: Difference between revisions

From FileZilla Wiki
Jump to navigationJump to search
m (Reverted edits by 79.125.120.108 (talk) to last revision by CodeSquid)
(Undo revision 11868 by 193.105.210.170 (talk))
Line 1: Line 1:
The ''Transport Layer Security'' (TLS) protocol gets used to cryptographically protect a socket connection. It is the successor of the ''Secure Sockets Layer'' (SSL) protocol. TLS gets used for the FTP over TLS/SSL (FTPS) protocol.
lol Sorry, didn't mean that to come arcoss so harsh. I just meant that many Christians repeat a statement purporting truth without giving any of the factual support that is there for the case. Dr. White gives the statement and the facts together.Sorry for any confusion
 
== Technical Specifications ==
 
* [http://filezilla-project.org/specs/draft_ssl_v3.txt SSLv3 draft] (obsolete)
* [http://filezilla-project.org/specs/rfc2246.txt <nowiki>RFC 2246</nowiki>] "TLS 1.0"
* [http://filezilla-project.org/specs/rfc4346.txt <nowiki>RFC 4346</nowiki>] "TLS 1.1"
 
=== Points of interest ===
 
* Section 7.2.1. of RFC 2246: Closure alerts<br />
<blockquote><pre>The client and the server must share knowledge that the connection is
ending in order to avoid a truncation attack. Either party may
initiate the exchange of closing messages.
[...]
Each party is required to send a close_notify alert before closing
the write side of the connection.
</pre></blockquote>
 
:Lots of FTP servers did not follow the specifications and were vulnerable to truncation attacks. FileZilla will properly fail transfers on those servers.
 
== See also ==
 
* [[File Transfer Protocol|FTP specifications]]
* [[Other specifications]]
* [[SFTP specifications]]

Revision as of 03:14, 23 February 2012

lol Sorry, didn't mean that to come arcoss so harsh. I just meant that many Christians repeat a statement purporting truth without giving any of the factual support that is there for the case. Dr. White gives the statement and the facts together.Sorry for any confusion